Virus found in payment systems capable of stealing data

[sincity]

Cyber security researchers have detected a virus in online banking transactions, warning customers who swipe debit or credit cards at shopping counters as well as companies who stock them.

The virus, which is spreading at a "severe" rate according to CERT, has been detected operating in point of sale (PoS) counters at retail terminals in Asia, infecting their connection to online banking sources. Named "Dexter", it can acquire several aliases when infecting systems.

Malware programs designed for PoS systems are commonly referred to as RAM scrapers, because they search the terminal's random access memory (RAM) for transaction data and steal it.

PoS systems are actually computers with peripherals like card readers and keypads attached to them. Many of these systems run a version of Windows Embedded as the OS as well as special cash register software.

Cloning cards

Once the virus breaches the security of the target, it then begins to mine confidential data, including names, account numbers, sort codes and expiration dates. With the information from a card's magnetic stripe, known as track 1 and track 2 data, cybercriminals can effectively clone the card.

CERT, in an advisory, said that the malware campaigns targeting payment card processing, point-of-sale and check-out systems are on the rise, due to the ease of copying data. Many security firms have stressed in recent months that companies should shore up the security systems of the PoS terminals to avoid any form of compromise.

Last week it was revealed that U.S retail giant Target had been infected with a PoS virus that had stolen the names and addresses of 70 million customers.

• Target's data breach was the second largest in U.S. history